From 63fe6b3eda3726f95a9375c70d1879f290ba56c9 Mon Sep 17 00:00:00 2001
From: Teddy Wing
Date: Thu, 8 Nov 2018 02:27:51 +0100
Subject: paddle: Add rough implementation of `verify_signature()`

Not sure if this works yet as I haven't tested it, but it follows most
of the examples in various languages on:

https://paddle.com/docs/reference-verifying-webhooks/

Just need to add in the comparison to the input signature.
---
 license-generator/paddle/src/lib.rs | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

(limited to 'license-generator/paddle/src/lib.rs')

diff --git a/license-generator/paddle/src/lib.rs b/license-generator/paddle/src/lib.rs
index d153895..787f174 100644
--- a/license-generator/paddle/src/lib.rs
+++ b/license-generator/paddle/src/lib.rs
@@ -1,7 +1,21 @@
+extern crate openssl;
+
+use openssl::hash::MessageDigest;
+use openssl::pkey::PKey;
+use openssl::rsa::Rsa;
+use openssl::sign::Verifier;
+
+
 // https://paddle.com/docs/reference-verifying-webhooks/
-fn verify_signature<'a, I>(params: I) -> bool
+fn verify_signature<'a, I>(pem: &[u8], params: I) -> bool
 where I: IntoIterator<Item = (&'a str, &'a str)> {
-    false
+    let rsa = Rsa::public_key_from_pem(pem).unwrap();
+    let pkey = PKey::from_rsa(rsa).unwrap();
+    let verifier = Verifier::new(MessageDigest::sha1(), &pkey).unwrap();
+
+    let signature = php_serialize(params);
+
+    verifier.verify(signature.as_ref()).unwrap()
 }
 
 fn php_serialize<'a, I>(pairs: I) -> String
-- 
cgit v1.2.3